Lucene search
K

211 matches found

RedHat Linux
RedHat Linux
added last week4 views

gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS6AI score0.00301EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 2:15 p.m.3 views

gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS6AI score0.00301EPSS
Exploits0References5
OSV
OSV
added 2026/07/03 11:23 a.m.3 views

SUSE-SU-2026:2743-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issue - CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder bsc1268401...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 6:53 a.m.2 views

OPENSUSE-SU-2026:21204-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issue - CVE-2026-52719: gstreamer1-plugins-bad-free: GStreamer: Out-of-bounds read via JPEG segment length validation in VA decoder bsc1268401...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.15 views

EUVD-2026-36798

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 8:16 p.m.7 views

UBUNTU-CVE-2026-52719

An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...

7.1CVSS5.9AI score0.00301EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 7:10 p.m.34 views

CVE-2026-52719

GStreamer: out-of-bounds read in the VA JPEG decoder of gst-plugins-bad (CVE-2026-52719). The JPEG parser reads a segment length without validating against available data, enabling a remote attacker to craft a JPEG that, when opened by a user, may cause parsing to read beyond the input buffer, po...

7.1CVSS5.4AI score0.00301EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.10 views

SUSE CVE-2026-46325

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

9.8CVSS5.5AI score0.00347EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 2:16 p.m.38 views

CVE-2026-46325

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

9.8CVSS0.00347EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 12:25 p.m.33 views

CVE-2026-46325 RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

9.8CVSS0.00347EPSS
Exploits0References3
OSV
OSV
added 2026/06/09 12:25 p.m.5 views

CVE-2026-46325 RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

9.8CVSS6.6AI score0.00347EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/09 12:25 p.m.13 views

EUVD-2026-35426

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

5.4AI score0.00347EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-47783

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/rxe component regarding incorrect iova-to-va I/O virtual address to virtual address conversion when memory regions MRs have page sizes different from the syst...

9.8CVSS5.7AI score0.00817EPSS
Exploits9References108
SUSE CVE
SUSE CVE
added 2026/05/28 3:52 a.m.13 views

SUSE CVE-2026-46093

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the shrinker via vmapnodeshrinkscan. However, decayvapoolnode is not safe t...

6.3CVSS5.7AI score0.00127EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 5:7 p.m.14 views

CVE-2026-46093

A flaw was found in the Linux kernel's memory management vmalloc subsystem. The decayvapoolnode function, when invoked concurrently from the shrinker path, lacks proper serialization. This oversight can lead to race conditions, potentially resulting in memory leaks and affecting system stability...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-46093

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the shrinker via vmapnodeshrinkscan. However, decayvapoolnode is not safe t...

7.8CVSS0.00127EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:58 p.m.10 views

CVE-2026-46093

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the shrinker via vmapnodeshrinkscan. However, decayvapoolnode is not safe t...

5.7AI score0.00127EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/27 12:58 p.m.1 views

CVE-2026-46093 mm/vmalloc: take vmap_purge_lock in shrinker

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the shrinker via vmapnodeshrinkscan. However, decayvapoolnode is not safe t...

7.8CVSS6.5AI score0.00127EPSS
Exploits0References6
CVE
CVE
added 2026/05/27 12:58 p.m.43 views

CVE-2026-46093

CVE-2026-46093 affects the Linux kernel mm/vmalloc subsystem. The issue arises because decay_va_pool_node() can be invoked concurrently from two paths—the purge path and the shrinker path via vmap_node_shrink_scan—without proper serialization. This leads to races and potential memory leaks. The d...

7.8CVSS5.7AI score0.00127EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-43961

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel within the decay va pool node function. This function can be invoked concurrently by purge vmap area lazy during pool purging and by the...

7.8CVSS6.2AI score0.00127EPSS
Exploits0
Rows per page
Query Builder